When it comes to passwords, keeping them “short and sweet” isn't cutting it, with new findings from Specops Software revealing that 88% of passwords used in cyberattacks are made up of 12 characters or less.
The company's annual Weak Password Report also found that 83% of passwords used satisfy the password length and complexity requirements — suggesting that using special characters may not be enough, either.
Research indicates that weak and simple passwords are the cause of over 80% of data breaches, even though the problem is preventable. If you're still using crackable passwords, we also cover an easy way to strengthen your password hygiene in 2023.
Specops Weak Password Report: Top Findings
Long, complex passwords are a pain to remember. But new findings from password security company Specops reveal that failing to follow best practices could cost you or your company in the long run.
After analyzing 800 million breached passwords within the company's Breached Password Protection list, the researchers found that using a lengthy password is key, with 88% of compromised passwords containing 12 characters or less. Passwords with a single-digit character count appear to be even riskier, with the research revealing that the most common password length found in this attack was eight.
Surprisingly, even those who comply with length and complexity requirements may not be safe, with 83% of compromised codes being deemed “safe” passwords by major security agencies like NIST, PCI, and HITRUST for HIPAA.
Somewhat less surprisingly, the report found that “password” was the most commonly hacked code, with “admin” and “welcome” trailing in second and fourth position. Specops also found that organizations using their own name as their first barrier of defense stand a much higher chance of being hacked, with Nvidia, the chipmaker subject to a major breach last year, being used as a prime example.
Boost Your Password Security in One Simple Step
With 41% of Americans relying on memory alone to keep track of their passwords, it's no surprise that simple, catchy passwords are widespread. Yet, with instances of data breaches doubling in the past two years and attacks costing companies an average of $4.24 million, using strong passwords has never been more important.
Fortunately, the days of committing passwords to memory (or jotting them down on a crumpled post-it note) are over. Password managers allow users to store and manage their passwords across a multitude of different platforms at once. And if creating a unique, impenetrable password stresses you out, don't worry — password managers can design codes for you too.
After researching and testing a range of the top solutions, we found that NordPass was the best of the bunch, due to its simple design and affordable price point. However, from 1Password to LastPass, the market is packed with tools designed to bolster your first, and most important, line of defense.